<?php
include($_SERVER["DOCUMENT_ROOT"]."/bob.php");
include($_SERVER["DOCUMENT_ROOT"]."/fonctions_globales.php");
$mysqli = new_mysqli($host, $user, $password, $database); //connection à la DB

if(get_data_in_db($mysqli, "gens", "user_id", $_SESSION['id'], "user_level")!='1'){
	header("Location: /"); exit();}
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="fr" dir="ltr"><head>
<meta charset="utf-8">
<title>Editer les rangs</title>
<link rel="stylesheet" type="text/css" href="fourum.css">
</head>

<?php main_body($mysqli); ?><p align='center'><div class='boite'>
<a href='../index.php'>Index du fourum</a></div> <div class='boite'><a href='forums.php'>forums</a> 
</div> <div class='boite'><a href='smileys.php'>Smileys</a> 
</div> <div class='boite'><a href='rangs.php'>Rangs</a></div> <div class='boite'><a href='gens.php'>Permissions/ban</a> </div></p>
<?php

$titre = $mysqli->real_escape_string(get_data_ss_tag(@$_POST['titre']));

if(@$_POST['boutton']=="New"){
	mysqli_query_with_error($mysqli, "INSERT INTO titres(titre_name) VALUES('$titre')"); 
}

if(@$_POST['boutton']=="Edit"){
	$idd = get_num($_POST['idd']);
	mysqli_query_with_error($mysqli, "UPDATE titres SET titre_name='$titre' WHERE titre_id = $idd"); 
}

if(@$_GET['mod']=="supr"){
	$idd = get_num($_GET['id']);
	mysqli_query_with_error($mysqli, "DELETE FROM titres WHERE titre_id = $idd"); 
}

if(@$_GET['mod']=="new"){
	 echo "<br><br><form action='rangs.php' method='post'><p align='center'>Titre: <input type='text' class='noir'
	 name='titre'><br><br><input type='submit' name='boutton' value='New'></form></p>";
}

if(@$_GET['mod']=="edit"){
	 $ran = get_line_in_db($mysqli, "titres", "titre_id", $_GET['id']);
	 echo "<br><br><form action='rangs.php' method='post'><p align='center'>Titre: <input type='text' class='noir'
	 name='titre' value='{$ran['titre_name']}'><br><br><input type='submit' name='boutton' value='Edit'>
	<input type='hidden' name='idd' value='{$ran['titre_id']}'></form></p>";
}

echo"<br><br><a href='rangs.php?mod=new' style='border:3px ridge blue;'>New</a><br><br>
<table border='1' style='text-align:center;'><tr><td>Nom</td><td>Editer</td><td>Supprimer</td></tr>";
$result =  mysqli_query_with_error($mysqli, "SELECT * FROM titres ORDER BY titre_name");
while($ligne = $result->fetch_assoc()) {
	$idd = get_num($ligne['titre_id']);
	$titre = get_data_propre_sortie_db($ligne['titre_name']);
	 echo"<tr><td>$titre</td><td><a href='rangs.php?mod=edit&id=$idd'>Editer</a></td><td><a href='
	rangs.php?mod=supr&id=$idd' onclick='return confirm(\"Veux-tu vraiment atomiser ce rang innocent?\");'>Supprimer</a></td></tr>";
}
?>
</body></html>